1. Field of the Invention
The invention relates to an automated authentication handling system. More particularly, the present invention relates to automating the authentication of a client among multiple servers.
2. Description of the Related Art
With the advent of networked computing systems, the user's need to use information and services distributed across computer networks and, in particular, the Internet has grown. In many instances, access to remote services and applications is restricted and requires an authentication process by the user before access is provided. As many more services are provided on such networks, the task of providing a separate authentication for each service can become burdensome to the end user. This can be especially true when the services are related in tasks or ownership.
FIG. 1 illustrates a conventional configuration wherein clients 22-24 are connected to a network 26. A plurality of application servers 28-30 each having an authentication engine 32 are also connected to the network 26. Communication to these application servers by the clients, shown for purposes of illustration by lines 34-36 requires that the clients first establish a communications link with the application server 28-30 and then interact with the respective authentication engines 32 to establish access to the application server. In some instances establishing a trusted communication link meant that clients co-located at a facility were dedicated to communicate with a selected application server. Users wishing to use different applications had to physically move from client to client when wishing to access different application servers.
FIG. 2 illustrates another configuration wherein the clients 22-24 again connects to application servers 28-30 though a network 26; however, the authentication engines 32 of FIG. 1 are co-located on a single authentication server 34. While suitable for its intended purpose, the client must still log into each of the application servers separately. Authentication occurs between the application servers and the authentication server for the client's establishment of a communications link.
FIG. 3 illustrates another configuration wherein the clients 22-24 and application servers 28-30 are connected via the network 26 through an authentication server 36. In this instance the authentication server functions as a router in which the client 32 communicates to with each of the application servers through the authentication server 36 and can include a firewall 38 for security. While an improvement over existing authentication topologies, this authentication server can limit the client's access to the application by managing all communication between the client and the desired application server. In instances where a number of clients require communication the authentication server can delay communication between the application server and the client.
Thus, the need exists for a system for minimizing the authentication process across multiple servers in which authentication information can be distributed to multiple servers across a network.